On Thu, Apr 23, 2015 at 12:09 AM, Martin Thomson <[email protected]>
wrote:

> On 22 April 2015 at 19:33, Peter Eckersley <[email protected]> wrote:
> > Perhaps those policies can be stored out of band, or perhaps we can add
> > a separate REST API endpoint where clients ask what ports the server
> > considers acceptable for DV Challenges.
>
>
> Or just pick port 100 (or another that isn't already taken) and say
> 443 or _that_.  I can't imagine you would need to have many numbers
> before you found one that was free.
>

This seems like a simpler and safer option to me.  Register an ACME port
and use that if HTTPS isn't feasible.

Bruce, would that meet your use case?  That is, in your scenario, can the
CalDAV service open a new (privileged) port, or does the ACME verification
have to happen on the CalDAV port?
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
